Skip to main content
Sumo Logic

Collect Logs for Amazon Web Services' (AWS) Elastic Load Balancer (ELB) Application App

Collect logs for the Amazon Web Services' (AWS) Elastic Load Balancer (ELB) Application App.

Collect Logs for Amazon Web Services' (AWS) Elastic Load Balancer (ELB) Application App

Log Types

The Application Load Balancer Access Log introduces two new fields in addition to the fields contained in Classic ELB Access log:

  • Type - This is the type of request or connection (HTTP, HTTPS, H2, ws, wss)

  • Target_group_arn - This is the Amazon Resource Name (ARN) of the target group

The logs are stored in a .gzip format in the specified S3 bucket and contain these fields in this order:

timestamp, elb, client:port, target:port, request_processing_time, target_processing_time, response_processing_time, elb_status_code, target_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol, target_group_arn, trace_id

For more details on the ALB Access log, see the AWS documentation.

Collect Logs for AWS ALB

Before you can begin to use the Sumo Logic App for Application Load Balancing, complete the following steps:

  1. Grant Sumo Logic access to an Amazon S3 bucket.

  2. Enable Application Load Balancer logging in AWS.

  3. Confirm that logs are being delivered to the Amazon S3 bucket.

  4. Add an AWS ALB Source to Sumo Logic.

  5. Install the Sumo Logic App for AWS ELB - Application App.